<?php
	include '../db/dbConnect.php';
    include "function/helper.php";
    if($_SERVER['REQUEST_METHOD'] == 'POST'){
        if($_POST['resetEmail']){
			$email=escape($_POST["resetEmail"]);
            $sql='SELECT *
                    FROM u_user
                    WHERE email = "'.$email.'"  AND deleted=0';
            $result=mysql_query($sql);
            if(mysql_error()){
                echo ("Mysql ERROR: ".mysql_error());
				exit();
            }
            if(mysql_num_rows($result)){
                $row=mysql_fetch_array($result);
                $fstName=$row['fstName'];
                if($row['active']){
                    $pass=genPass(6,$email);
                    $sql="UPDATE  u_user
                            SET password='".md5($pass.$email)."'
                            WHERE iduser=".$row['iduser'];

                    if(!mysql_query($sql)) {
                        echo mysql_error();
                        
                    }else{
                        echo "success";
                        sendmail($email, $fstName, $pass);
                    }
                }else{
                    echo "blocked";
                }


            }else{
                echo "notFound";
				exit();
            }

        }
    }else{
        header("location: ../../index.php");
        //die("anonymous");
    }
?>